SCHEDULE

The Schedule

A one day immersive experience providing tactical and strategic insights

May 2, 2017, NY
8:30 am
-
9:00 am

Registration and breakfast

Registration and breakfast

9:00 am
-
9:30 am

Opening Keynote - Interactive discussion

Donald Freese, Federal Bureau of Investigation

This fireside chat will help you understand nation-state adversaries and the evolution of risk management through strategic application of threat intelligence. You will learn disruption strategies regarding intrusions and attacks before they impact your business, as well as ways to develop action plans that create a stronger connection between your enterprise and the FBI.

‍Donald Freese, former director of the National Cyber Investigative Joint Task Force (NCIJTF), recently promoted to the FBI’s Information Technology Branch, Enterprise Services and Risk Management

Opening Keynote - Interactive discussion

Donald Freese, Federal Bureau of Investigation

This fireside chat will help you understand nation-state adversaries and the evolution of risk management through strategic application of threat intelligence. You will learn disruption strategies regarding intrusions and attacks before they impact your business, as well as ways to develop action plans that create a stronger connection between your enterprise and the FBI.

‍Donald Freese, former director of the National Cyber Investigative Joint Task Force (NCIJTF), recently promoted to the FBI’s Information Technology Branch, Enterprise Services and Risk Management

9:30 am
-
10:00 am

The How-To’s of Information Sharing

In this session, you will hear specific recommendations on how to successfully share threat intelligence, ways to forge beneficial relationships with participating industry bodies, and key partnerships you should have in place that can be helpful to you and your organization.

Dax Streater, Manager at Cybersecurity Operations at LCRA

Jeffrey Brown, CSIRO, BNY Mellon

The How-To’s of Information Sharing

In this session, you will hear specific recommendations on how to successfully share threat intelligence, ways to forge beneficial relationships with participating industry bodies, and key partnerships you should have in place that can be helpful to you and your organization.

Dax Streater, Manager at Cybersecurity Operations at LCRA

Jeffrey Brown, CSIRO, BNY Mellon

10:00 am
-
10:30 am

Calling All Guards

Organizations face real challenges regarding talent recruitment for their cybersecurity programs. Savvy pros are needed not only to implement the latest tools, but to make sense of the myriad streams of data being gathered and correlated to help thwart and address immediate attacks. Hear how successful organizations are addressing this issue and what you can do to find the talent you need.

Sandra Sargent, Cyber Security Lead at The World Bank

Rick Doten, Chief of Cyber and Information Security at Crumpton Group LLC

Calling All Guards

Organizations face real challenges regarding talent recruitment for their cybersecurity programs. Savvy pros are needed not only to implement the latest tools, but to make sense of the myriad streams of data being gathered and correlated to help thwart and address immediate attacks. Hear how successful organizations are addressing this issue and what you can do to find the talent you need.

Sandra Sargent, Cyber Security Lead at The World Bank

Rick Doten, Chief of Cyber and Information Security at Crumpton Group LLC

10:30 am
-
11:00 am

Expo Floor Opens & Networking Break

Expo Floor Opens & Networking Break

11:00 am
-
11:30 am

4 track tech sessions

4 track tech sessions

11:00 am
-
11:30 am

Cyber War Chronicles - Stories From the Virtual Trenches

Ransom attacks, political hacks, and new dynamics around the accessibility and capability of attack tools have added even more challenges to security. This session will explore some of the latest evolutions of the threat landscape, through a combination of market intelligence, real-world case studies, and direct insights from those on the front lines of cyber-security.

Ron Winward, Security Evangelist, Radware

Cyber War Chronicles - Stories From the Virtual Trenches

Ransom attacks, political hacks, and new dynamics around the accessibility and capability of attack tools have added even more challenges to security. This session will explore some of the latest evolutions of the threat landscape, through a combination of market intelligence, real-world case studies, and direct insights from those on the front lines of cyber-security.

Ron Winward, Security Evangelist, Radware

11:00 am
-
11:30 am

Cybersecurity Programs & Understanding Your Risk

Cyber-crime is on the rise. How is your organization positioned against this dynamic threat landscape? Performing a cybersecurity assessment and building a cybersecurity program is of utmost importance and this session will answer your questions and provide you visibility to your organization’s overall cyber risks.

Michael J. Mihalik, Chief Information Security Officer, SPHERE Technology Solutions

Cybersecurity Programs & Understanding Your Risk

Cyber-crime is on the rise. How is your organization positioned against this dynamic threat landscape? Performing a cybersecurity assessment and building a cybersecurity program is of utmost importance and this session will answer your questions and provide you visibility to your organization’s overall cyber risks.

Michael J. Mihalik, Chief Information Security Officer, SPHERE Technology Solutions

11:00 am
-
11:30 am

Disrupting the attack lifecycle: how do attackers behave?

This session will help you understand the behavioral dynamics of attackers, and how defenders can leverage them when creating their defensive strategy. You will learn what attacker data to collect, how to improve selection of security tools, and tactics towards raising the cost of attack against your organization.

Kelly Shortridge, Threat Analytics Product Manager, BAE Applied Intelligence

Disrupting the attack lifecycle: how do attackers behave?

This session will help you understand the behavioral dynamics of attackers, and how defenders can leverage them when creating their defensive strategy. You will learn what attacker data to collect, how to improve selection of security tools, and tactics towards raising the cost of attack against your organization.

Kelly Shortridge, Threat Analytics Product Manager, BAE Applied Intelligence

11:00 am
-
11:30 am

People Centric Security: How to Build a Progressive Security Culture

People, as much as technology, are critical for an organization’s information security defense, so building a strong security culture needs to be a top priority. In this presentation, attendees will learn the foundations of building a progressive security culture, and take home actionable ideas to boost efforts in their own organizations immediately.

Rich Smith, Director of R&D, Duo Labs

People Centric Security: How to Build a Progressive Security Culture

People, as much as technology, are critical for an organization’s information security defense, so building a strong security culture needs to be a top priority. In this presentation, attendees will learn the foundations of building a progressive security culture, and take home actionable ideas to boost efforts in their own organizations immediately.

Rich Smith, Director of R&D, Duo Labs

11:35 am
-
12:35 pm

4 TRACK CYBER 360 CLINICS

The Cyber 360 clinics are four one-hour facilitated experiences designed to immerse attendees in interactive exercises and discussions giving them a 360-degree view of an issue. Attendees will work through key challenges where they will need to apply what they have learned.

4 TRACK CYBER 360 CLINICS

The Cyber 360 clinics are four one-hour facilitated experiences designed to immerse attendees in interactive exercises and discussions giving them a 360-degree view of an issue. Attendees will work through key challenges where they will need to apply what they have learned.

11:35 am
-
12:35 pm

Cyber 360 Clinic 1

Automating Threat Intelligence

Hear practical areas to consider when building and managing your threat intel strategy. Gain an understanding on how to ensure you have the right technologies and processes in place, what you should buy and the best options for your budget.

Charles Kao, director, global information security, HEDGESERV Corporation

Levi Gundert, vice president of intelligence and strategy, Recorded Future

Cyber 360 Clinic 1

Automating Threat Intelligence

Hear practical areas to consider when building and managing your threat intel strategy. Gain an understanding on how to ensure you have the right technologies and processes in place, what you should buy and the best options for your budget.

Charles Kao, director, global information security, HEDGESERV Corporation

Levi Gundert, vice president of intelligence and strategy, Recorded Future

11:35 am
-
12:35 pm

Cyber 360 Clinic 2

Ransom EVERY ware

Learn key methods for detection and remediation for ransomware through this hands-on workshop.

Henry Jiang, CISO, Oppenheimer & Co.

Cyber 360 Clinic 2

Ransom EVERY ware

Learn key methods for detection and remediation for ransomware through this hands-on workshop.

Henry Jiang, CISO, Oppenheimer & Co.

11:35 am
-
12:35 pm

Cyber 360 Clinic 3

Managing the Mobile Threat

Gain a clearer perspective on ways to manage mobile threats and where technology and policy must intersect.

Brian Heemsoth, director, information security, Aetna

Ricardo Panez, Head of Mobile Threat Prevention, Americas, Check Point

Cyber 360 Clinic 3

Managing the Mobile Threat

Gain a clearer perspective on ways to manage mobile threats and where technology and policy must intersect.

Brian Heemsoth, director, information security, Aetna

Ricardo Panez, Head of Mobile Threat Prevention, Americas, Check Point

11:35 am
-
12:35 pm

Cyber 360 Clinic 4

Indicators of Compromise

Learn how organizations can leverage data from within their organization’s infrastructure to build a stronger kill-chain model and to increase shared information through wider peer relationships while increasing threat indicator performance.

Cyber 360 Clinic 4

Indicators of Compromise

Learn how organizations can leverage data from within their organization’s infrastructure to build a stronger kill-chain model and to increase shared information through wider peer relationships while increasing threat indicator performance.

12:35 pm
-
1:45 pm

Networking Lunch and Expo Floor

Networking Lunch and Expo Floor

1:45 pm
-
2:05 pm

4 TRACK MASTER classes

4 TRACK MASTER classes

1:45 pm
-
2:05 pm

Application Security As A Business Driver

When organizations think of application security they typically think of technology features and functions.  In this talk Matt Rose Global Director of Application Security at Checkmarx discusses how Application Security can actually help drive an organizations bottom line and internal processes.  In this age of ever expanding risk to organizations Application Security can be used to expand your customer base, drive compliance, and expand the knowledge of an organizations executives and employees.

Matt Rose, Director Application Security Strategy, Checkmarx

Application Security As A Business Driver

When organizations think of application security they typically think of technology features and functions.  In this talk Matt Rose Global Director of Application Security at Checkmarx discusses how Application Security can actually help drive an organizations bottom line and internal processes.  In this age of ever expanding risk to organizations Application Security can be used to expand your customer base, drive compliance, and expand the knowledge of an organizations executives and employees.

Matt Rose, Director Application Security Strategy, Checkmarx

1:45 pm
-
2:45 pm

Buzz-sawing the Buzzwords – User (and Entity) Behavioral Analytics to See the Whole Picture

In this talk, we will discuss the concepts of U(E)BA and machine learning and their fit into a security organization.  We will also de-mystify their similar meanings and look at the whole data picture for your organization with an example case.

Joseph L. Mastromarino, Solutions Engineer, LogRhythm

Buzz-sawing the Buzzwords – User (and Entity) Behavioral Analytics to See the Whole Picture

In this talk, we will discuss the concepts of U(E)BA and machine learning and their fit into a security organization.  We will also de-mystify their similar meanings and look at the whole data picture for your organization with an example case.

Joseph L. Mastromarino, Solutions Engineer, LogRhythm

2:10 pm
-
2:40 pm

4 TRACK TECH SESSIONS

4 TRACK TECH SESSIONS

2:10 pm
-
2:40 pm

Demystifying Cybersecurity Risk Management - Goals, Critical Capabilities and Use-cases from the real world

Risk-centric management of security has the ability to transform how InfoSec organizations operate, communicate and contribute to business growth. In this session we separate the signal from the noise to look at real-world security use cases where this approach pays dividends and discuss the critical capabilities required to achieve this.

Syed Abdur, Director, Product Management, Brinqa

Demystifying Cybersecurity Risk Management - Goals, Critical Capabilities and Use-cases from the real world

Risk-centric management of security has the ability to transform how InfoSec organizations operate, communicate and contribute to business growth. In this session we separate the signal from the noise to look at real-world security use cases where this approach pays dividends and discuss the critical capabilities required to achieve this.

Syed Abdur, Director, Product Management, Brinqa

2:10 pm
-
2:40 pm

Layered Security is expensive and isn’t reliable – So how can Automated Incident Response be the Answer?

Traditional cybersecurity detection and response methods are not working. Attackers consistently find ways to compromise endpoint systems regardless of the time, tools, and expense. It is time to look at the promise and challenges of automated incident response and how autoIR will reduce your security operations costs.

Jeffrey Duran, Director of Product Marketing, enSilo

Layered Security is expensive and isn’t reliable – So how can Automated Incident Response be the Answer?

Traditional cybersecurity detection and response methods are not working. Attackers consistently find ways to compromise endpoint systems regardless of the time, tools, and expense. It is time to look at the promise and challenges of automated incident response and how autoIR will reduce your security operations costs.

Jeffrey Duran, Director of Product Marketing, enSilo

2:40 pm
-
3:50 pm

Networking and Expo Floor

Networking and Expo Floor

3:55 pm
-
4:35 pm

Closing Keynote - Panel

The Trump Effect on Information Security: Is Less Regulation What We Need?

The new administration is promising an environment of reduced regulation and oversight. That environment, while welcome by some, will increase the need for effective and clear communication between your partners and regulators. Learn ways to make this new paradigm work so that it doesn’t cause additional turmoil for your business.

Vicky Ames, Director of Information Security at Marriott International

Jeffrey Brown, CSIRO, BNY Mellon

Closing Keynote - Panel

The Trump Effect on Information Security: Is Less Regulation What We Need?

The new administration is promising an environment of reduced regulation and oversight. That environment, while welcome by some, will increase the need for effective and clear communication between your partners and regulators. Learn ways to make this new paradigm work so that it doesn’t cause additional turmoil for your business.

Vicky Ames, Director of Information Security at Marriott International

Jeffrey Brown, CSIRO, BNY Mellon

ICON is an invite-only half-day track. For consideration of an invitation to I.C.O.N.

please email karen.koza@haymarketmedia.com

Icon: A half-day international clinic for CSO’s

Club Room

10:30AM to 3:20 PM

This clinic will tackle challenges from a technical, corporate and a policy perspective within both domestic and international realms. This new feature is specifically for senior cybersecurity leaders. This is a must attend event for any C level cybersecurity professional in the NY and Tri-state area.

10:30 am
-
11:30 am

Inside a Breach

From Risk to Reality

Here we will get a first hand view of a network breach in process. Tricks of the bad guy, what they are after vs. what is the risk, ways they avoid being noticed and of course suggestions on risk reduction techniques.

Lance James, Chief Scientist at Flashpoint

Inside a Breach

From Risk to Reality

Here we will get a first hand view of a network breach in process. Tricks of the bad guy, what they are after vs. what is the risk, ways they avoid being noticed and of course suggestions on risk reduction techniques.

Lance James, Chief Scientist at Flashpoint

11:30 am
-
12:30 pm

The not so New Network Solution

The Future of IT in the Cloud

Some experts and security practitioners understand that their future IT departments will be wholly in the cloud. What network level solutions are being replaced and what cloud solutions have or haven’t worked? With that paradigm shift, what are the new strategies for managing security?

Marty Leidner, chief information security officer, The Rockefeller University

Elad Yoran, CEO, SGP

The not so New Network Solution

The Future of IT in the Cloud

Some experts and security practitioners understand that their future IT departments will be wholly in the cloud. What network level solutions are being replaced and what cloud solutions have or haven’t worked? With that paradigm shift, what are the new strategies for managing security?

Marty Leidner, chief information security officer, The Rockefeller University

Elad Yoran, CEO, SGP

12:30 pm
-
1:30 pm

ICON Lunch

ICON Lunch

1:30 pm
-
2:30 pm

The Mobile Policy Dilemma

The fact that organizations worldwide are embracing mobile is old news. However the struggle internationally in the private sector and government for how to make and enforce policies continues. What are some successful policies for network access for organizational owned devices vs. BYOD? How can policy and technology help smooth the path to success here?

Moderator: Greg Masters, managing editor, SC Media

Rick Doten, chief, cyber and information security, Crumpton Group LLC

Brian Heemsoth, director, information security, Aetna

The Mobile Policy Dilemma

The fact that organizations worldwide are embracing mobile is old news. However the struggle internationally in the private sector and government for how to make and enforce policies continues. What are some successful policies for network access for organizational owned devices vs. BYOD? How can policy and technology help smooth the path to success here?

Moderator: Greg Masters, managing editor, SC Media

Rick Doten, chief, cyber and information security, Crumpton Group LLC

Brian Heemsoth, director, information security, Aetna

2:30 pm
-
3:20 pm

Threat Modeling

From profiling the bad guys to understanding software vulnerabilities and attack points and beyond, threat modeling has become a valuable tool for organizations to tune both technology and human resources in order to better protect assets and the brand. The attacker may not be changing, but the velocity and sophistication of attacks surely are. Learn how threat modeling can help you cope.

Don Freese, Director, National Cyber Investigative Joint Task Force, FBI

Lance James, Chief Scientist at Flashpoint

Threat Modeling

From profiling the bad guys to understanding software vulnerabilities and attack points and beyond, threat modeling has become a valuable tool for organizations to tune both technology and human resources in order to better protect assets and the brand. The attacker may not be changing, but the velocity and sophistication of attacks surely are. Learn how threat modeling can help you cope.

Don Freese, Director, National Cyber Investigative Joint Task Force, FBI

Lance James, Chief Scientist at Flashpoint

Register
See the

SCHEDULE

BECOME A

SPONSOR